Background Material in Algebra and Number Theory. Groups

PRELIMINARY READING FOR ALGEBRAIC NUMBER THEORY. HT 2016/17. Section 0. Background Material in Algebra and Number Theory The following gives a summary of the main ideas you need to know as prerequisites to the Part B lecture course on Algebraic Number Theory. There is an associated optional Sheet 0 of questions for you to try, if you feel you need to refresh your skills in these topics. Most of you should have seen most of this material before in lecture courses from previous terms, but it is just as well to read through it carefully, in order to fill in any gaps. Groups Definition 0.1. A group is a set G with a binary operation which satisfies the following properties. Closure: If f, g G then f g G. Associativity: For all f, g, h G, (f g) h = f (g h). Existence of identity: There exists e G such that, for all g G, e g = g e = g. Existence of inverses: For all g G, there exists h G such that g h = h g = e. Comment 0.2. The element h is the inverse of g, and is typically denoted g 1, when referring to a general group G,, and any specific group whose operation is some type of multiplication. On the other hand, the inverse of g will typically be denoted g when dealing with a specific group whose operation is some form of addition. Definition 0.3. We say that a group G is a commutative (or Abelian) group if it also satisfies Commutativity: For all f, g G, f g = g f. Examples 0.4. (a) Z, + is an Abelian group (identity 0). (b) Z, has identity = 1 but, for example, 2 has no inverse, and so this is not a group. (c) R +, (the positive real numbers under multiplication) is an Abelian group with identity 1. (d) R R, + [which means all pairs (a, b), with operation (a 1, b 1 )+(a 2, b 2 ) = (a 1 +a 2, b 1 +b 2 )] is an Abelian group with identity (0, 0). (e) {2 2( matrices ) with nonzero determinant} under matrix multiplication is a group. Identity = 1 0. 0 1 1

2 (f) C 6, + [the cyclic group of order 6], denoting {0, 1, 2, 3, 4, 5} under + modulo 6 [e.g. 3 + 4 = 1]. This is an Abelian group with identity 0. (g) C 2 C 3, +, which is {(0, 0), (0, 1), (0, 2), (1, 0), (1, 1), (1, 2)} under the operation: (a 1, b 1 ) + (a 2, b 2 ) = (a 1 + a 2 mod 2, b 1 + b 2 mod 3). This is an Abelian group with identity (0, 0). (h) Let S 3, be the set of permutations of {1, 2, 3}, with: f g = g-followed-by-f as our operation [we shall normally abbreviate f g as fg]. This is a group and the elements are: {e, (12), (13), (23), (123), (132)} [where, for example, (132) represents the permutation: 1 3, 3 2, 2 1, and (23) represents 2 3, 3 2 (with 1 1)]. This is not an Abelian group since, for example, (132)(12) = (23), but (12)(132) = (13). Definition 0.5. Let G 1, 1 and G 2, 2 be groups, and let φ : G 1 G 2 [a map from G 1 to G 2 ]. We say that φ is a homomorphism if, for all g, h G, φ(g 1 h) = φ(g) 2 φ(h). An endomorphism on a group G is a homomorphism from G to itself. Examples 0.6. (a) log : R +, R, + is a homomorphism since, for all a, b R +, log(a b) = log(a)+log(b) [that is, log(a 1 b) = log(a) 2 log(b)]. (b) φ : R R, + R, + defined by φ ( (a, b) ) = a [can also express this as φ : (a, b) a] is a homomorphism. Proof. φ ( (a, b) 1 (c, d) ) = φ ( (a, b) + (c, d) ) = φ ( (a + c, b + d) ) = a + c. Also, φ ( (a, b) ) 2 φ ( (c, d) ) = φ ( (a, b) ) + φ ( (c, d) ) = a + c, and these are the same. (c) φ : Z, + Z, +, defined by φ(a) = 2a is a homomorphism. (d) φ : Z, + Z, + : a a 2 is not a homomorphism since, for example, φ(2 + 3) = φ(5) = 5 2 = 25, but φ(2) + φ(3) = 2 2 + 3 2 = 13, and these are not equal. Definition 0.7. Let φ : S T, for any sets S, T. We say that φ is injective (or 1 1 or an injection) if, for all f, g S, φ(f) = φ(g) = f = g; that is, f g = φ(f) φ(g) [i.e. when it never happens that two distinct f and g are mapped by φ to the same element]. We say that φ is surjective (or onto or a surjection) if, for all w T, there exists g S such that w = φ(g) [i.e. when every member of T is mapped onto by at least one element of S]. We say that φ is bijective (or a bijection) if it is both injective and surjective. Definition 0.8. Let φ : G 1, 1 G 2, 2 be a homomorphism. The kernel of φ (denoted ker φ) is defined as the set of all members of G 1 which are mapped to the identity element e 2 in G 2. That is: ker φ = {g G 1 : φ(g) = e 2 }. The image of φ (denoted im φ) is the set of all members of G 2 which are mapped onto by some member of G 1. That is to say: im φ = {φ(g) : g G 1 }.

3 Comment 0.9. Clearly, a homomorphism φ : G 1, 1 G 2, 2 is injective if and only if ker φ = {e 1 }, where e 1 is the identity element in G 1. It is surjective if and only if im φ = G 2. Examples 0.10. (a) log : R +, R, + is an injection since, for any f, g R + : φ(f) = φ(g) = log f = log g = e log f = e log g = f = g. It is also a surjection since, if w R, we can take g = e w R + and φ(g) = log(e w ) = w. Hence φ is a bijection, since it is both an injection and a surjection. The kernel is {1} [that is, 1 is the unique member of R +, mapped by log to the identity element 0 in R, +]. The image is all of R [since the map is surjective]. (b) Let φ : R R, + R, + be defined by φ ( (a, b) ) = a. This is not an injection since, for example, φ ( (2, 1) ) = 2 and φ ( (2, 3) ) = 2, but (2, 1) (2, 3). It is a surjection since, for any r R, we can take (r, 0) R R which satisfies φ ( (r, 0) ) = r [of course, we could just as easily have used (r, 1); we merely had to show that every r R is mapped onto by at least one member of of R R]. The kernel is {(0, b) : b R} and the image is all of R [since φ is surjective]. (c) φ : Z, + Z, +, a 2a. This is an injection since, for any a, b Z: φ(a) = φ(b) = 2a = 2b = a = b. It is not a surjection since nothing maps to 3 (for example). The kernel is {0} and the image is {..., 4, 2, 0, 2, 4,...}. Definition 0.11. Let G 1, 1 and G 2, 2 be groups and let φ : G 1 G 2. If φ is both a bijection and a homomorphism, then we say that φ is an isomorphism. If there exists an isomorphism φ : G 1 G 2, we say that the two groups are isomorphic (same shape) and we write G 1 = G2. Comment 0.12. If G 1 and G 2 are isomorphic groups, then G 2 can be regarded as the same group as G 1, merely with the elements relabelled. G 1 and G 2 will have all of the same structural properties (for example, G 1 will be Abelian iff G 2 is Abelian, G 1 will have an element g e satisfying g g = e iff G 2 has such an element, etc). Example 0.13. log : R +, R, + is an isomorphism, since it is both a homomorphism and a bijection. The groups R +, and R, + are isomorphic. Comment 0.14. Two finite groups G 1, G 2 are isomorphic if the group table of G 1 can have its elements relabelled to give the group table of G 2. Example 0.15. Let G 1 = C 2 C 3 and G 2 = C 6. Let φ : G 1 G 2 be defined by: (0, 0) 0, (1, 1) 1, (0, 2) 2, (1, 0) 3, (0, 1) 4, (1, 2) 5. The group table of G 1 is as follows.

4 + (0,0) (0,1) (0,2) (1,0) (1,1) (1,2) (0,0) (0,0) (0,1) (0,2) (1,0) (1,1) (1,2) (0,1) (0,1) (0,2) (0,0) (1,1) (1,2) (1,0) (0,2) (0,2) (0,0) (0,1) (1,2) (1,0) (1,1) (1,0) (1,0) (1,1) (1,2) (0,0) (0,1) (0,2) (1,1) (1,1) (1,2) (1,0) (0,1) (0,2) (0,0) (1,2) (1,2) (1,1) (1,1) (0,2) (0,0) (0,1) Replacing all entries using φ gives the following table. + 0 4 2 3 1 5 0 0 4 2 3 1 5 4 4 2 0 1 5 3 2 2 0 4 5 3 1 3 3 1 5 0 4 2 1 1 5 3 4 2 0 5 5 3 1 2 0 4 This is just the group table for C 6, which proves that C 2 C 3 = C6. The last example is a special case of the following result. Lemma 0.16. When m, n Z and m, n have no common factors (apart from 1) then C m C n = Cmn. The following is also quite a useful property of finite Abelian groups. Lemma 0.17. Any finite Abelian group G is isomorphic to the product of cyclic groups: G = C m1 C m2... C mk, for some C m1,..., C mk. For any group G, it is natural to consider groups which lie inside G (that is to say, which are subsets of G). Definition 0.18. Let G, be a group and let H G [H is a subset of G]. We say that H is a subgroup of G (written: H G) if H is nonempty, and forms a groups with respect to the same operation as G. This is equivalent to: e G H (where e G is the identity element in G), If f, g H then f g H, If h H then h 1 H. Note that associativity automatically holds in H since it holds in the group G, of which H is a subset. Examples 0.19. (a) H = {..., 4, 2, 0, 2, 4,...} Z, +. (b) H = {..., 3, 1, 1, 3,...} Z, +, since the identity element 0 is not in the set (we could alternatively have used the fact that it is not closed; for example, 1, 3 H but 1 + 3 H).

5 (c) H = {0, 1, 2, 3,...} Z, +. It is fine for containing the identity element and closure, but H does not contain the inverse of every element in H (for example, 3 H but 3 H). Definition 0.20. Let H G and let g G. The set gh = {g h : h H} is called a left coset of H and the set Hg = {h g : h H} is called a right coset of H. When the number of distinct left cosets is finite, it can be shown that this is the same as the number of distinct right cosets; this number is the index of H in G and is denoted [G : H]. Comment 0.21. When the group operation is some form of multiplication, one typically writes the left (or right) cosets, as above, in the style gh (or Hg). When the group operation is some form of addition, then one typically writes g + H = {g + h : h H} (similarly for H + g). Example 0.22. Let G = Z, + and let H = 3Z = {..., 6, 3, 0, 3, 6,...} G. Then some examples of left cosets are: 0 + H = {..., 0 + ( 6), 0 + ( 3), 0 + 0, 0 + 3, 0 + 6,...} = {..., 6, 3, 0, 3, 6,...}, 1 + H = {..., 1 + ( 6), 1 + ( 3), 1 + 0, 1 + 3, 1 + 6,...} = {..., 5, 2, 1, 4, 7,...}, 2 + H = {..., 2 + ( 6), 2 + ( 3), 2 + 0, 2 + 3, 2 + 6,...} = {..., 4, 1, 2, 5, 8,...}, 3 + H = {..., 3 + ( 6), 3 + ( 3), 3 + 0, 3 + 3, 3 + 6,...} = {..., 3, 0, 3, 6, 9,...}. 4 + H = {..., 4 + ( 6), 4 + ( 3), 4 + 0, 4 + 3, 4 + 6,...} = {..., 2, 1, 4, 7, 10,...}. Note that 0 + H = 3 + H and 1 + H = 4 + H. Clearly... 6 + H = 3 + H = 0 + H = 3 + H = 6 + H =...... 5 + H = 2 + H = 1 + H = 4 + H = 7 + H =...... 4 + H = 1 + H = 2 + H = 5 + H = 8 + H =... so that there are only 3 distinct left cosets. So here the index [G : H] = 3. The left coset eh = H, where e is the identity element, so that H is one of the left cosets of itself (and similarly is one of the right cosets of itself). It can be shown that two left cosets g 1 H and g 2 H are either equal or disjoint and that every element of G is a member of some coset. When G is a finite group, it can also be shown that any g 1 H and g 2 H have the same number of elements (and so every left coset of H has the same number of elements as H). It follows that the left cosets of H give a partition of G, that is, they give G as a union of disjoint subsets. Since each of these subsets has the same number of elements as H, we see that G = H +... + H = k H, where k is the number of distinct left cosets of H [here, S is the standard notation for the number of elements in S, for any set S]. The following immediately follows. Theorem 0.23. (Lagrange s Theorem) Let G be a finite group, and let H G. Then H is a factor of G [this can also be expressed as H divides G, or as H G ].

6 There are many situations where we would like to consider the elements of a group G, but in a simplified context, where we mod out (or quotient out ) by a subgroup, and focus on the information that remains. For example, when G = Z, +, we might want to collapse H = 3Z G down to a single element, and consider the elements mod H (considering elements to be the same if they lie in the same coset). The natural way to do this is to create a new group G/H, whose elements are (say) the left cosets of H, in which case there are only 3 distinct elements: {..., 6, 3, 0, 3, 6,...}, {..., 5, 2, 1, 4, 7,...}, {..., 4, 1, 2, 5, 8,...}, which give all the members of G/H. It is natural to ask whether the group law on G carries over to give group law on G/H. How might we add, for example, the second and third of these? That is, we want to perform the addition: {..., 5, 2, 1, 4, 7,...} + {..., 4, 1, 2, 5, 8,...}. A natural attempt is add any element in the first coset to any element in the second coset, and see what coset the sum lies in. For example, 5 is in the first coset, and 2 is the second coset, and 5 + 2 = 3, which lies in: {..., 6, 3, 0, 3, 6,...}, suggesting that, in G/H: {..., 5, 2, 1, 4, 7,...} + {..., 4, 1, 2, 5, 8,...} = {..., 6, 3, 0, 3, 6,...}. Furthermore, it doesn t matter what members you take: you can add any member of {..., 5, 2, 1, 4, 7,...} to any member of {..., 4, 1, 2, 5, 8,...} and you will get a member of {..., 6, 3, 0, 3, 6,...}, reinforcing our confidence in this definition of the sum. It is easy to see that this gives a way of turning the 3 members of G/H into a group. We can also express this group law on G/H as: (g 1 + H) + (g 2 + H) = (g 1 + g 2 ) + H, where the well-definedness of this rule is due to the fact that, at least for this choice of G, H, whenever g 1 + H = g 1 + H and g 2 + H = g 2 + H then (g 1 + g 2 ) + H = (g 1 + g 2) + H. Even though the members of G/H are sets, it is often convenient to denote them by selected representative elements; for example, we can use 0, 1, 2 to denote the cosets containing 0, 1, 2, respectively, in which case that above addition could be expressed as: 1 + 2 = 0 in G/H. Of course, 91 lies in the same coset as 1, so that 1 = 91 in G/H; we could just as easily represent our 3 members of G/H as 0, 91, 2 and say that 91 + 2 = 0 in G/H. Similarly, let G = C,, the group of nonzero complex numbers under multiplication, and let H = {z : z = 1} G, the unit circle on an Argand diagram. Then an example of a left coset is (3 + 4i)H = {(3 + 4i)z : z = 1}, which is easily seen to be just the circle, centre 0, with radius 5 (the modulus of 3 + 4i). Note that the group operation is multiplication here, so the cosets are written as gh = {g h : h H} = {gh : h H} [rather than g + H = {g h : h H} = {g + h : h H}, as in the previous example]. Two complex

7 numbers are in the same coset iff they have the same modulus. Clearly, the left cosets are just the circles with centre 0, and these are the elements of G/H. We have modded out by H, removing the argument information, and retaining only the modulus information. We can turn G/H into a group under multiplication: for example, the set of complex numbers of modulus 5 multiplied by the set of complex numbers of modulus 2 gives the set of complex numbers modulus 10. This is well defined, since it does not matter which representative is taken: any member of the first coset (any complex number of modulus 5) times any member of the second coset (any complex number of modulus 2) will give a member of the third coset (a complex number of modulus 10). By way of contrast, let G be as in Example??(h), that is, G = S 3,, the group of permutations of {1, 2, 3} under the operation f g = g-followed-by-f [where, as usual, we shall abbreviate f g as fg]. Consider H = {e, (12)} G. There are only 3 distinct left cosets of H: eh = (12)H = {e, (12)}, (123)H = (13)H = {(123), (13)}, (132)H = (23)H = {(132), (23)}. How might we try to perform: {e, (12)}{(123), (13)}? We could attempt the same approach as before: take any element from each set, combine them according to the group law on G and see what coset the results lies in. For example, e is a member of {e, (12)} and (123) is a member of {(123), (13)} and e(123) = (123) {(123), (13)}. So we might be tempted to say that {e, (12)}{(123), (13)} = {(123), (13)}. On the other hand, (12) {e, (12)} and (13) {(123), (13)}, and (12)(13) = (132) {(132), (23)}, so this suggests that {e, (12)}{(123), (13)} = {(132), (23)}. We see that there is no sensible unambiguous way of defining {e, (12)}{(123), (13)}. To put it another way, our attempt to use the natural rule (g 1 H)(g 2 H) = (g 1 g 2 )H to give a group law on G/H, has foundered on the fact that there are instances where g 1 H = g 1H and g 2 H = g 2H, but (g 1 g 2 )H (g 1g 2)H [for example, when g 1 = e, g 1 = (12), g 2 = (123), g 2 = (13)]. Any attempt to turn the set of right cosets into a group would also suffer the same problem. Note that if we keep the group G = S 3, as before, but use instead H = {e, (123), (132)} G, then it is easy to check that everything is fine, and we can turn G/H into a group. The key property which allows G/H to be a group is the following. Definition 0.24. Let G, be a group and let H G. We say that H is a normal subgroup of G, denoted H G if, for every g G, gh = Hg. An equivalent definition is: g G, h H, g 1 hg H.

8 Comment 0.25. When H G, the left cosets of H are the same as the right cosets, and so we can just refer to them as cosets, without needing to specify left or right. Definition 0.26. Let G, be a group and let H G. Then G/H (or G quotient H or G mod H ) is defined as G/H = {gh : g G}, under the group operation: (g 1 H)(g 2 H) = (g 1 g 2 )H [here, we are writing g 1 g 2, g 1 H, g 2 H as shorthand for g 1 g 2, g 1 H, g 2 H]. When G/H is finite then clearly #G/H = [G : H] (since the elements of G/H are the distinct cosets of H in G, and the number of these is defined to be the index [G : H]). Why is it that the condition H G is sufficient for this group operation on G/H to be well defined? Recall, the guarantee we need for unambiguity is that, whenever g 1 H = g 1H and g 2 H = g 2H, then (g 1 g 2 )H = (g 1g 2)H. So, suppose that H G and that g 1 H = g 1H, g 2 H = g 2H. Then: (g 1 g 2 )H = g 1 (g 2 H) = g 1 (g 2H) = g 1 (Hg 2) = (g 1 H)g 2 = (g 1H)g 2 = (Hg 1)g 2 = H(g 1g 2) = (g 1g 2)H, as required. Comment 0.27. If G, is Abelian then any subgroup H must be normal, guaranteeing that we can always form the quotient group G/H. Definition 0.28. Let X be any set, and let be a binary relation on X. We say that is an equivalence relation if it satisfies: (1) a a for all a X [reflexivity]. (2) a b = b a for all a, b X [symmetry]. (3) a b and b c = a c for all a, b, c X [transitivity]. The equivalence class of an element a X, denoted [a], is the set of all members of X which are equivalent to a. This is to say: [a] = {x X : x a}. Given any g 1, g 2 G, it is easy to check that g 1 H = g 2 H exactly when g 1 = g 2 h, for some h H; that is, when g 1 g 1 2 H. Define the relation g 1 g2 by: g 1 g2 g 1 = g 2 h, for some h H, which gives an equivalence relation on G. Another way to describe members of G/H is to say that they are equivalence classes under this relation (or, we can also say that they are the members of G modulo the equivalence relation). Comment 0.29. It can sometimes seem cumbersome to deal directly with the above definition of G/H, since the group elements in G/H are cosets (so that G/H is a set of sets). Suppose nobody had ever mentioned cosets. There is a more intuitive approach to quotient groups (which is in fact the way they are mostly dealt with in practice) which requires no

9 explicit mention of cosets. Namely, one writes the elements of G/H exactly as the elements of G, except that certain elements become equal in G/H which were distinct in G. Specifically, one imposes the rule: g 1 = g 2 in G/H g 1 = g 2 (some member of H). Equivalently: g 1 = g 2 in G/H g 1 g2 1 H. When the operation in G is addition, this means two elements are equal in G/H exactly when their difference is in H. When the operation in G is multiplication, two elements are equal in G/H exactly when their quotient is in H [of course, when the group operation is neither an addition nor a multiplication, then just use the general criterion g 1 g 1 2 H]. The following examples are described in this spirit, with no explicit mention of cosets. Examples 0.30. (a) Let G = Z, + and H = 3Z = {..., 6, 3, 0, 3, 6,...} G. We see that, for example, 1 = 16 ( 15) in G [since is + here], so that 1 = 16 (member of H), and so 1 = 16 in G/H. Equivalently, 1 16 1 = 1 + ( 16) = 15 H = 1 = 16 in G/H [note that 16 1 is the inverse of 16 in G, which is 16]. On the other hand, 1 20 in G/H, since 1 = 20 ( 19) and 19 H. In the group G/H = Z/3Z:... = 6 = 3 = 0 = 3 = 6 =...... = 5 = 2 = 1 = 4 = 7 =...... = 4 = 1 = 2 = 5 = 8 =... and so Z/3Z contains only 3 distinct elements. The usual convention is to pick out 0, 1, 2 as listing the distinct members of Z/3Z. We can see that Z/3Z, + is isomorphic to C 3, +. (b) Let G = Q, = nonzero members of Q under multiplication. Let H = (Q ) 2 = {squares of nonzero members of Q}. For example, 4/9 H but 2 H. In Q, 2/3 = 6 1 9 and 1 9 (Q ) 2 so that 2/3 = 6 in Q /(Q ) 2. Similarly, 6 = 24 25 in Q /(Q ) 2 since 6 = 24 25 25 4 and 25 4 (Q ) 2. However, 2 3 in Q /(Q ) 2 since 2 = 3 2 3 and 2 3 (Q ) 2. Note that any a b Q /(Q ) 2 [where a, b Z] can be written as a b = a b b2 = ab Z. We can write any integer in the form rs 2 where r, s Z and r is square-free [where square free means not divisible by any integer square except 1; for example, 6 is square free, but 12 is not square free, since it is divisible by 4]. Write the integer ab in the form rs 2, so that a = ab = b rs2 = r in Q /(Q ) 2. The standard way of working in Q /(Q ) 2 is to write each distinct element as a square free integer. For example: 20 13 = ( 20 13) 13 2 = 20 13 = 4 5 13 = 5 13 = 65 in Q /(Q ) 2, which is a square free integer.

10 (c) Let G = C, and H = {z : z = 1}. Then z 1 = z 2 in G/H z 1 /z 2 H z 1 /z 2 = 1 z 1 = z 2. That is, z 1 = z 2 in G/H exactly when they have the same modulus. So, for example, 3 + 4i = 5i = 5 in G/H. Clearly, every member of G is equal in G/H to precisely one nonzero real number (namely, its modulus). So, each element of G/H can be represented by a nonzero real numbers, and it is easy to see that G/H is isomorphic to R,. Given a homomorphism φ : G 1, 1 G 2, 2, the kernel can be shown to be a normal subgroup of G 1, and so we can form the quotient group G 1 /ker φ. The map g 1 ker φ g can be shown to be well defined and injective (and onto im φ), giving the following result. Theorem 0.31. [First Isomorphism Theorem for Groups] Let φ : G 1, 1 G 2, 2 be a homomorphism. Then ker φ G 1, im φ G 2 and G 1 /ker φ = im φ. In particular, if φ is surjective then G 1 /ker φ = G 2. Comment 0.32. Note that, in the case when φ is surjective, we have im φ = G 2 and so G 1 /ker φ = G 2. Examples 0.33. (a) Let φ : R R R, + R R, + be defined by φ ( (x, y, z)) = (x, y) [the projection map to the (x, y)-plane]. Then ker φ is the z-axis {(0, 0, z) : z R}, and im φ is all of R R (the map is surjective). The isomorphism theorem tells us that R R R/ker φ = R R. (b) Let φ : C, R, : z z. Then ker φ = {z : z = 1} and im φ is all of R (the map is surjective). The isomorphism theorem tells us that C /ker φ = R. The following are both easy to deduce from the First Isomorphism Theorem. Theorem 0.34. [Second Isomorphism Theorem for Groups] Let H G and N G. Then HN G, H N H and (HN)/N = H/(H N). Theorem 0.35. [Third Isomorphism Theorem for Groups] Let N G, K G, with K N G. Then N/K G/K and (G/K)/(N/K) = G/N. The proof of the last part is simply to consider the natural map : G/K G/N : g + K g + N, check that it is a well defined surjective homomorphism with kernel N/K and then apply the First Isomorphism Theorem. Another important idea is that of the order of an element. Definition 0.36. Let G, be a group and g G. If there exists k > 0 such that g g... g [k times] = e then we say that g has finite order (or is a torsion element), and the smallest such k is the order of g, denoted o(g). If no such k exists, we say that g has infinite order.

11 For an Abelian group G, the set of all elements in G of finite order is a subgroup of G, the torsion subgroup of G, denoted G tors. Since {e, g, g 2,..., g o(g) 1 } is a subgroup of G [the subgroup generated by g] with o(g) elements, we obtain the following consequence of Lagrange s Theorem. Corollary 0.37. Let G, be a group and g G. The order of g is always a factor of G. As a consequence, g G = e. There is a partial converse due to Cauchy. Theorem 0.38. [Cauchy s Theorem on Finite Groups] Let G be a finite group and let p be prime such that p divides G. Then there exists g G such that o(g) = p. Definition 0.39. We say that G, is Boolean if, for all g G, g g = e [and so every element apart from the identity will have order 2]. Comment 0.40. Any finite Boolean group G is isomorphic to the product of a finite number of copies of C 2 ; that is: G = C 2 C 2... C 2. It follows that the order of G [that is, the number of elements in G] is a power of 2. Definition 0.41. Let G, be an Abelian group. The m-torsion subgroup of G, denote by G[m], is defined as {g G : g g... g [m times] = e}. This is same as the set of members of G whose orders are factors of m. Comment 0.42. When G be an Abelian group, let 2G denote the subgroup {g g : g G}. Clearly G/2G is always a Boolean group When G is a finite Abelian group, it can be shown that G/2G = G[2]. Definition 0.43. Let G be a group, written additively (so that our operation is written +). Let H 1,..., H n G. We say that G = n i=1h i = H 1... H n if every g G can be written uniquely as g = h 1 +... + h n, where each h i H i. Definition 0.44. Let G be a group, written additively, and let g G. For any positive a Z, define ag = g +... + g [a times]; define ( a)g = (ag); also define 0g to be the group identity (so, we have now defined ag for any a Z). We say that G is a free abelian group if there exists a set S of elements of G for which every g G can be written uniquely as a linear combination of a finite number of elements of S, with integer coefficients (up to isomorphism, it is just the set of formal finite sums of members of S). We say that S is a Z-basis for G. When S is finite and S = n, we say that G is a free abelian group of rank n.

12 For example G = Z Z (under addition) is a free abelian group of rank 2, with Z-basis S = {(1, 0), (0, 1)}, since any (a, b) = G can be written uniquely as a(1, 0) + b(0, 1), for a, b Z. Suppose G is any free abelian group of rank n with Z-basis S = {w 1,..., w n }; then G = Zw 1... Zw n ; furthermore G and Z Z (n times), are isomorphic as additive groups. Elementary Number Theory We have already seen the idea of the integers modulo m developed as a quotient group in Example??(a). The next few definitions rephrase this idea in the language of congruences (which we have already used in Examples??(f),(g), but which we now formalise). First a few preliminaries are necessary. Definition 0.45. For any a, b Z, we say that a divides b [or that a is a factor of b, or that a is a divisor of b], denoted a b, if there exists k Z such that b = ka. When a does not divide b, this is denoted a b [for example, 5 20, but 7 20 and 20 5]. Example 0.46. If x Z is a root of a polynomial f(x) = f n x n +... + f 0 with integer coefficients, then x f 0 [since, f(x) = 0 implies x( f n x n 1... f 1 ) = f 0 ]. So, for example, to test whether x 3 + 11x 6 = 0 has any integer solutions, it is only necessary to check the possibilities x = ±1, ±2, ±3, ±6. Since none of these are solutions, it follows that the equation x 3 + 11x 6 = 0 has no integer solutions. Definition 0.47. Let m Z, m > 1. We say that m is prime [or a prime number] if its only divisors are 1 and m itself; otherwise m is composite [by convention, 1 is neither prime nor composite]. Definition 0.48. For any m, n Z, the highest common factor of m, n, denoted hcf(m, n), is the largest d 1 such that d m and d n (sometime also called the greatest common divisor of m, n or gcd(m, n)). The least common multiple of m, n, denoted lcm(m, n), is the smallest D 1 such that m D and n D. Sometimes hcf(m, n) is abbreviated as (a, b) and lcm(m, n) as [a, b]. When hcf(m, n) = 1 we say that m and n are coprime. For example, the positive divisors of 12 are: 1, 2, 3, 4, 6, 12 and the positive divisors of 18 are: 1, 2, 3, 6, 9, 18. The common divisors are: 1, 2, 3, 6, the greatest of which is 6, and so hcf(12, 18) = 6. Note that any common divisor of a and b is also a common divisor of a + kb and b, and vice versa, giving the following property of hcf s. Lemma 0.49. For any a, b, k Z, hcf(a + kb, b) = hcf(a, b) = hcf(a, b + ka).

13 A fundamental property of Z is that, given any a, b Z, one can find the highest multiple of b [say qb] a, and the remainder a qb will have absolute value less than b. This is to say, given any a, b Z, there exist q, r Z such that a = qb + r and r < b. This is known as the Division Algorithm, and the existence of such q, r [given any a, b] can be proved by induction. For example, given a = 22 and b = 5, we can say that 5 goes into 22 a total of q = 4 times with remainder r = 2, and write: 22 = 4 5 + 2, and indeed 0 2 < 5. Repeated applications of the Division Algorithm give the following technique for finding the greatest common divisor of two numbers. Definition 0.50. Given positive integers m, n, Euclid s Algorithm for finding hcf(m, n) is as follows. First find q 1, r 2 such that m = q 1 n + r 2 (0 r 2 < n), Then find q 2, r 3 such that n = q 2 r 2 + r 3 (0 r 3 < r 2 ), Then find q 3, r 4 such that r 2 = q 3 r 3 + r 4 (0 r 4 < r 3 ), and so on. Since the remainders r i 0 are strictly decreasing, we will at some point get remainder 0. The last nonzero remainder r k is hcf(m, n). The proof that Euclid s Algorithm gives hcf(m, n) is a repeated application of Lemma??. Example 0.51. Consider m = 9108, n = 1121. The first step of Euclid s Algorithm is: 9108 = 8 1121+140. The second step is: 1121 = 8 140+1, and the final step is 140 = 140 1 = 0, giving remainder 0. The last nonzero remainder is 1, which must be hcf(9108, 1121). Note that we can reverse the steps of Euclid s Algorithm to express hcf(m, n) as an integer linear combination of m, n. In this example, we write the equation from the last-nonzeroremainder step as: 1 = 1121 8 140. We then use the previous equation [expressed as 140 = 9108 8 1121] to obtain: 1 = 1121 8 (9108 8 1121) and so 1 = 8 9108+65 1121. ( 1 0 0( 1 0 Another way of performing the same computation is by row operations on the matrix 0 ( 9108 1 1121) R 1 8R 2 1 8 ) ( 140 0 1 1121 R 2 8R 1 1 8 ) ( 140 8 65 1 R 1 140R 2 0 8 65 1), where the entries need not be computed. This gives us, all in the same computation, that 1 m n ). In this case: hcf(9108, 1121) = 1, and the bottom row of the last matrix gives hcf(9108, 1121) as a linear combination of 9108, 1121, namely: 1 = 8 9108 + 65 1121, as before. This process can be performed for any m, n, giving the following result. Lemma 0.52. For any m, n N, there exist λ, µ Z such that λm + µn = hcf(m, n). Definition 0.53. Let a, b, m Z. modulo m ] when m (a b). We say that a b (mod m) [ a is congruent to b

14 For example, 2 12 (mod 5), since 5 (2 12). a b (mod m) and c d (mod m), then a + c b + d, a c b d, ac bd, a n b n, ka kb (mod n), It is straightforward to show that, if for any k Z and any n Z, n 0. So, congruences in most ways can be manipulated like standard equations. An exception is cancellation: ka kb (mod m) does not always imply that a b (mod m); for example 2 4 2 1 (mod 6) even though 4 1 (mod 6). However, the implication is always true when k and m are coprime. Lemma 0.54. If hcf(m, n) = 1 then there exists λ Z such that λm 1 (mod n). In particular, if p is prime and p m then there exists λ Z such that λm 1 (mod p). Proof We know from Lemma?? that there exist λ, µ such that λm + µn = hcf(m, n). Reducing modulo n immediately gives the required result. Corollary 0.55. For any m N, the set G m = {x : 1 x m, hcf(x, m) = 1} is a group under multiplication modulo m. In particular, for any prime p, the set {1, 2,..., p 1} is a group under multiplication modulo p. Letting G = {1, 2,..., p 1}, we can apply Corollary?? to obtain the following. Theorem 0.56. (Fermat s Little Theorem). Let p be prime. If p a then a p 1 1 (mod p). As a consequence, a p a (mod p) for all a, regardless of whether p a or p a. The following result is useful for solving simultaneous congruences. Theorem 0.57. [Chinese Remainder Theorem (for congruences)] Let n 1,..., n k Z be pairwise coprime (that is, hcf(n i, n j ) = 1 whenever i j). Let a 1,..., a k Z. Then there exists x Z which is a solution to the system of simultaneous congruences x a 1 (mod n 1 ), x a 2 (mod n 2 ),..., x a 2 (mod n k ) and this solution is unique modulo N = n 1 n 2... n k. In order to prove this, one defines N i = N/n i (which is the product of all of n 1,..., n k, except with n i i removed from the product). Then hcf(n i, n i ) = 1, so that there exists λ i, µ i Z such that λ i N i + µ i n i = 1, and so λ i N i 1 (mod n i ). Then one can easily check that x = k i=1 λ in i a i is a solution to the above system. If also y were a solution, then x y (mod n i ) and so n i (x y) for all i; since n 1,..., n k are pairwise coprime, this gives N = n 1 n 2... n k (x y), so that x y (mod N); in other words, x is unique mod N, as required. Another natural problem in Number Theory is that of trying to decide when one number is congruent to a square modulo a prime.

15 Definition 0.58. Let p be prime and m Z. We say that m is a quadratic residue mod p if there exists x Z such that m x 2 (mod p). Otherwise m is a quadratic non-residue mod p. For example, consider what happens modulo p = 5. Every number is congruent to one of 0, 1, 2, 3 or 4 (mod 5) [which are the same as 0, 1, 2, 2, 1 (mod 5)]. Now: 0 2 0, 1 2 1, 2 2 4, 3 2 = ( 2) 2 4, 4 2 = ( 1) 2 1 (mod 5). So, 0, 1, 4 are quadratic residues mod 5, but 2, 3 are not. Lemma 0.59. For any prime p 2, let Z p = {0, 1,..., p 1}, with addition and multiplication mod p, and let Z p = {1,..., p 1}, the nonzero elements of Z p. Define ψ : Z p Z p : x x 2 is a 2-to-1 map [2 elements map to 1 element], with ψ(x) = ψ(p x), or equivalently ψ(x) = ψ( x) [since (p x) 2 ( x) 2 x 2 (mod p)]. So exactly half of {1,..., p 1} are quadratic residues mod p and half are quadratic non-residues mod p. Definition 0.60. For prime p and p m, define the Legendre symbol by: ( m ) {1 if m is a quadratic residue mod p, p = 1 otherwise. When p m, we normally define ( ) m p = 0. For example, we have already seen that ( ( 2 5) = 1. Also, 7 ( 5) = 2 5) = 1, since 7 and 2 are congruent (mod 5). Similarly, ( ) ( 11 5 = 1 ) ( 5 = 1 and 10 ) 5 = 0. Lemma 0.61. Let p be an odd prime and let p m, n, m 1, m 2. (a) If m 1 m 2 (mod p) then ( m 1 ) ( p = m2 ) p. (b) ( ) ( mn p = m )( n ) p p, which is the same as saying: mn is a quadratic residue mod p either (m and n are both quadratic residues mod p) (c) ( 1 p ) = 1 p 1 (mod 4) or p = 2. ( 1 p or (m and n are both quadratic non-residues mod p) ) = 1 p 3 (mod 4). (d) ( 2 p) = 1 p ±1 (mod 8). ( 2 p) = 1 p ±3 (mod 8). Theorem 0.62. (Gauss Law of Quadratic Reciprocity). Let p 2, q 2 be distinct primes. If either p 1 (mod 4) or q 1 (mod 4) then ( p q ) = ( q p). If both p 3 (mod 4) and q 3 (mod 4) then ( p q ) = ( q p). Example 0.63. Let us decide whether 6 is a quadratic residue mod 1019 [which is prime], using applications of quadratic reciprocity. ( 6 ) ( 1019 = 2 )( 3 ) ( 1019 1019 = ( 1) 3 1019) [by Lemma??(d)] = ( 1)( 1) ( ) 1019 3 [by quadratic reciprocity, since both 1019 and 3 are 3 (mod 4)] = ( 1)( 1) ( 2 3) = ( 1)( 1)( 1) = 1,

16 establishing that 6 is a quadratic non-residue mod 1019 [and so there does not exist an integer x such that 6 x 2 (mod 1019)], in a way much quicker than checking that none of 0 2, 1 2,..., 1018 2 are congruent to 6 (mod 1019). Quadratic reciprocity also gives a quick way, for any given integer n, of describing all primes p such that n is a quadratic residue mod p. Example 0.64. Let us describe the primes p for which 3 is a quadratic residue mod p. First note that 3 is a quadratic residue mod 2 and mod 3, so it remains to consider p > 3. For p > 3, p is divisible by neither 2 nor 3, and so p 1 or 3 mod 4 and p 1 or 2 mod 3. When we apply quadratic reciprocity to go from ( 3 p) to ( p 3), the cases p 1 or 3 mod 4 will determine whether a negative sign is introduced. Then the value of ( p 3) will be determined by whether p 1 or 2 mod 3. So, it is natural to see what happens in each of the following four cases. Case 1: p 1 (mod 4) and p 1 (mod 3) [which is the same as: p 1 (mod 12)]. In this ) ) = ( p 3 [by quadratic reciprocity] ( 1 3) [since p 1 (mod 3)] = 1. case: ( 3 p Case 2: p 1 (mod 4) and p 2 (mod 3) [which is the same as: p 5 (mod 12)]. In this ) = ( p 3 ) ( 2 3) = 1. case: ( 3 p Case 3: p 3 (mod 4) and p 1 (mod 3) [which is the same as: p 7 (mod 12)]. In this ) = ( p 3 ) ( 1 3) = 1. case: ( 3 p Case 4: p 3 (mod 4) and p 2 (mod 3) [which is the same as: p 11 (mod 12)]. In this case: ( ) ) 3 p = ( p 3 ( 2 3) = ( 1) = 1. To summarise: 3 is a quadratic residue mod p p = 2, p = 3 or p 1, 11 (mod 12). Rings There are many situations where we have two operations on the same set, for example Z with both addition and multiplication. Definition 0.65. Let R have two binary operations +,. R is a ring (with 1) if: R is a commutative group under + with identity 0. There exists an element 1 ( 0) such that, for all r R, 1 r = r 1 = r. For all r, s, t R, (r s) t = r (s t) [associativity of multiplication]. For all r, s, t R, r (s + t) = r s + r t, (s + t) r = s r + t r [left and right distributivity]. Note that, for any ring, addition is always commutative, but multiplication need not be commutative. When multiplication is commutative [that is, r s = s r for all r, s R] we say that R is a commutative ring.

17 Examples 0.66. (a) Z, +, is a commutative ring. (b) For any ring R, define R[x] = {polynomials in x with coefficients in R}, which is also a ring, with the usual addition and multiplication of polynomials. Also define the ring R[[x]] = {power series in x with coefficients in R}. The same is true when there are several variables, for example: R[x, y], R[[x, y]]. (c) Let G, + be any commutative group. Let End(G) = {φ : φ is an endomorphism on G}. Then End(G) is a ring, with operations: (φ 1 + φ 1 )(g) = φ 1 (g) + φ 2 (g) [defining ring addition φ 1 + φ 2 ], and with ring multiplication given by φ 1 φ 2 [composition]. This is the endomorphism ring of the group G. (d) M 2 (Z) = {2 2 matrices with integer entries} is a non-commutative ring, with 0 given by ( ( 0 0 0 0) and 1 given by 1 0 0 1). (e) The set {0,..., n 1} under addition and multiplication modulo n is a commutative ring. Definition 0.67. Let R, S be rings. Define the ring R S = {(r, s) : r R, s S} with + and on R S defined by: (r 1, s 1 ) + (r 2, s 2 ) = (r 1 + R r 2, s 1 + S s 2 ), (r 1, s 1 ) (r 2, s 2 ) = (r 1 R r 2, s 1 S s 2 ), where + R, + S denote addition in R, S, respectively, and where R, S denote multiplication in R, S, respectively. Definition 0.68. A commutative ring R is an integral domain if, for all r, s R, rs = 0 = (r = 0 or s = 0). For example, Z and Z[[x]] are integral domains, but M 2 (Z) is not, since ( 1 0 0 ( 0 0 0)( 0 1) = 0 0 0 0). Definition 0.69. Let R, S be rings. A function φ : R S is a ring homomorphism if, for all r 1, r 2 R, φ(r 1 + r 2 ) = φ(r 1 ) + φ(r 2 ) and φ(r 1 r 2 ) = φ(r 1 ) φ(r 2 ). Define the kernel as ker φ = {r R : φ(r) = 0} and the image as im φ = {φ(r) : r R}. If φ is also injective then φ is a monomorphism (or embedding). If φ is also a bijection, then φ is a ring isomorphism. If there exists an isomorphism from R to S, then R and S are isomorphic, denoted R = S. The equivalent idea for rings to that of normal subgroups is as follows. Definition 0.70. An ideal of a ring R is a subset I R satisfying: I, + is a subgroup of R, +. For all r R, a I we have r a I and a r I. We sometimes use I R to denote that I is an ideal of R. This last condition can be phrased as: the product of anything in the ring with anything in the ideal must be in the ideal. Note that 1 I I = R. If I R then I is

18 a proper ideal. If I is a proper ideal and is not contained in a larger proper ideal, then I is a maximal ideal. We say that J is a prime ideal if it is a proper ideal and: for all a, b, if ab J then a J or b J. Given any a 1,..., a n R, we use (a 1,..., a n ) to denote {r 1 a 1 +... + r n a n : r i R}, which is the ideal generated by a 1,..., a n. An ideal generated by one element a, namely an ideal which can be written in the form (a) = {ra : r R} is called a principal ideal. Given two ideals I, J of R, the intersection I J is an ideal of R; we define I + J = {a + b : a I, b J}, which is also an ideal of R. We have to be more careful with IJ, since {ab : a I, b J} is not always an ideal, so we instead { define IJ to be the ideal generated k } by these products, that is to say, we define IJ = i=1 a ib i : a i I, b i J, k 1, which is an ideal of R. Note that always IJ I J I, J I + J. Definition 0.71. Let I be an ideal of a ring R; define the quotient ring R/I = {r+i : r R}, under the operations (r 1 + I) + (r 2 + I) = (r 1 + r 2 ) + I and (r 1 + I) (r 2 + I) = (r 1 r 2 ) + I. Note that I is an ideal if and only if it occurs as the kernel of a ring homomorphism from R to some ring. Lemma 0.72. Let R be a commutative ring. Then I is a prime ideal of R if and only if R/I is an integral domain. For example, xz[x] [the polynomials with 0 constant term] is an ideal of the ring Z[x] (and it is a principal ideal (x)). It is a prime ideal, so that Z[x]/(x) must be an integral domain. It is the kernel of the ring homomorphism from Z[x] to Z, defined by p(x) p(0). Furthermore: Z[x]/xZ[x] = Z. Similarly, for any fixed n, clearly nz is an ideal of the ring Z (and is the principal ideal (n)); the ring of Example??(e) is just the quotient ring Z/nZ. Note that nz is a prime ideal if and only if n is prime. Hence Z/nZ (which is just the ring {0,..., n 1} under addition and multiplication modulo n) is an integral domain if and only if n is prime. Warning. An ideal can still be principal even if it not initially expressed in terms of one generator. For example, consider the ideal I = (4, 6), which is (by definition) the ideal of Z generated by 4 and 6, so that I = (4, 6) = {4r 1 + 6r 2 : r 1, r 2 Z}. Note that 2 = 4 { 1} + 6 1 I so that any 2 r I and so: (2) I. Also any 4r 1 + 6r 2 I can be written as 2{2r 1 + 3r 2 } (2). Hence I = (2). So, I = (4, 6) is a principal ideal, since it can also be written as (2). Rings have isomorphism theorems similar to those for groups (and the proofs are similar). Theorem 0.73. [First Isomorphism Theorem for Rings] Let R, S be rings and φ : R S be a ring homomorphism. Then ker φ R, im φ is a subring of R and R/ ker φ = im φ. In particlar, if φ is surjective then R/ ker φ = S.

19 Theorem 0.74. [Second Isomorphism Theorem for Rings] Let R be a ring, S be a subring of R and I R. Then S + I = {s + i : s S, i I} is a subring of R, S I R and (S + I)/I = S/(S I). Theorem 0.75. [Third Isomorphism Theorem for Rings] Let R be a ring and let I, J R with I J R. Then J/I R/I and (R/I)/(J/I) = R/J. Definition 0.76. Let R be a ring. If there exists an integer n 1 such that 1 + 1 +... + 1[n times] = 0, then the smallest such n is the characteristic of R. If no such n exists, then R is said to have characteristic 0. For example, Z/nZ has characteristic n, whereas Z, Q, C all have characteristic 0. Suppose that I is a maximal ideal of some commutative ring R. Imagine it were not a prime ideal, so that there exist r, s I such that rs I but r, s I. Define I, r = {a + rt a I, t R} and I, s = {a + st a I, t R}. Clearly I I, r and I I, r (since r I, r and r I), so that I, r = R (since I is maximal); hence (since 1 R) there exist a I, t R such that 1 = a + rt. Similarly there exist a I, t R such that 1 = a + st. Hence 1 = (a + rt)(a + st ) = aa + ast + a rt + rstt I, since I is an ideal (and since a, a, rs I). But 1 I gives, for any r R that r = r 1 I so that I = R, contradicting the maximality of I. This proves the following result. Theorem 0.77. Let R be a commutative ring. Every maximal ideal of R is a prime ideal of R. The converse is false; for example, (x) = xz[x] is a prime ideal of the ring Z[x] but it is not a maximal ideal since, for example, (x) (2, x) Z[x] (all of which are strict inequalities), where (2, x) is the ideal generated by 2 and x (which is the set of all polynomials in Z[x] with even constant term). Definition 0.78. Two ideals I, J of a ring R are coprime if I + J = R. For example, the ideals mz and nz of the ring Z are coprime ideals exactly when m, n are coprime integers, that is, when hcf(m, n) = 1. To see this, note that, when hcf(m, n) = 1, there exist λ, µ Z such that λm + µn = 1 and so 1 = mλm + nµ mz + nz and so mz + nz = Z. If hcf(m, n) = d > 1 then clearly and mz + nz dz Z. Theorem 0.79. [Chinese Remainder Theorem (for rings)] Let R be a commutative ring and let I 1,..., I k be ideals of R which are pairwise coprime (that is, I i + I j = R whenever i j). Let I = I 1 I 2... I k. Then I = I 1 I 2 I k (the product equals the intersection) and R/I = R/I 1... R/I k under the natural isomorphism φ : R/I R/I 1... R/I k given by φ(x + I) = (x + I 1,..., x + I k ).

20 The earlier Chinese Remainder Theorem (for congruences) is a special case of this. Suppose that we have the system x a 1 (mod n 1 ), x a 2 (mod n 2 ),..., x a k (mod n k ), with n 1,..., n k pairwise coprime integers, and let N = n 1 n 2... n k. Then n 1 Z,..., n k Z are pairwise coprime ideals of the ring Z and the Chinese Remainder Theorem (for rings) tells us that I = n 1 Z n 2 Z... n k Z = n 1 Zn 2 Z n k Z = NZ and that φ : Z/NZ Z/n 1 Z... Z/n k Z, given by φ(x + NZ) = (x + n 1 Z,..., x + n k Z), is an isomorphism. Hence there is a unique x + NZ Z/NZ which maps to (a 1 + n 1 Z,..., a k + n k Z), which is precisely the same as saying there there is a unique solution (mod N) to the above system of congruences. Now, let R be any commutative ring and I R. If J R and I J R then J/I R/I and so the map φ : J J/I gives a map from the set {J : J R and I J R} to the set {V : V R/I}. In the reverse direction, if V R/I then {r R : r + I V } R. It can be shown that the map ψ : V {r R : r + I V } is the inverse of φ which gives the following result. Theorem 0.80. Let R be a commutative ring and let I R. Then there is a 1-1 correspondence between the set of ideals of R containing I and the set of ideals of R/I. It can also be shown that primality is preserved, and so there is also a 1-1 correspondence between the set of prime ideals of R containing I and the set of prime ideals of R/I. Definition 0.81. Let R be a commutative ring. We say that a b (a divides b) in R if there exists c R such that b = ac. The element u R is a unit if u 1, that is, if there exists v R wuch that uv = 1. We say that a, b are associates if there exists a unit u such that b = au. An element d R is called a highest common factor of a, b if d a, d b and if, for any c R, (c a, c b) = c d. Note that, for a general commutative ring and general elements a, b, there might not even exist such and element d (when such an element does exist, it is clearly unique up to multiplication by units). An non-zero non-unit element ρ R is irreducible if, for any a, b R, ρ = ab = a or b is a unit. An non-zero non-unit element ρ R is prime if, for any a, b R, ρ ab = ρ a or ρ b. If ρ is prime then by induction, ρ a 1 a 2... a n = ρ a i for some i. Warning: the definition of prime (in Z) which you were given in school is actually the definition of irreducible! In any case, as we shall see, primes and irreducibles in Z turn out to be the same.

21 It is easy to show that, in any integral domain, every prime element must be irreducible, but the converse is false; for example, in the ring Z[ 5] the element 2 is irreducible but not prime (since 2 (1 + 5)(1 5) even though 2 1 + 5 and 2 1 5). One of the central problems in ring theory is to determine whether or not a given ring has unique factorisation into irreducibles. If one thinks for a moment how to show this for Z, a quick summary of one line of argument is as follows. First (by induction) prove the Division Algorithm that, for any a, b Z, there exist q, r Z such that a = qb + r and r < b. Now let 0 I Z, and let d be the smallest positive member of I; then I = (d) (otherwise the Division Algorithm would give a smaller positive member of I). Hence every ideal of Z is a principal ideal. For any m, n Z, the ideal (m, n) = mz + nz must be principal, say that mz + mz = cz; it is easy to show that c is a highest common factor of m, m and that there exist λ, µ Z such that λm + µn = c. Suppose that ρ Z is irreducible. Assume ρ ab and ρ a; let c be a highest common factor of ρ, a (which we have just shown exists); then c must be a unit, and we can take c = 1, so there exist λ, µ Z such that λρ + µa = 1, and so: λρb + µab = b. Then ρ LHS and so ρ b, proving that ρ is prime. Hence, in the ring Z, primes and irreducibles are the same. Imagine there exists n Z which cannot be factored as a product of a finite number of irreducibles. Then we can write n = n 1 a 1, n 1 = n 2 a 2,..., say, where none of the n i, a i are units, and so we can find an infinite sequence n 1, n 2,... such that each n i+1 n i and n i n i+1. This gives a chain of ideals: n 1 Z n 2 Z..., where each n i Z n i+1 Z. Let I = i=1 n iz, which can easily be shown to be an ideal of Z; since all ideals of Z are principal, there must exist m Z such that I = mz and furthermore m n i0 Z, for some n i0. It is then quick to show that n i0 Z = n i0 +1Z =..., a contradiction. Hence every n Z can be factored as a product of a finite number of irreducibles. Imagine such factorisations were not always unique and that there exists ρ 1 ρ 2... ρ r = ν 1 ν 2... ν s, where all ρ i, ν j are irreducible and where the RHS cannot be obtained from the LHS merely by reordering and replacing elements with associates. Amongst all such nonunique factorisations, consider one such for which r + s is minimal. We have already seen that all irreducibles are prime, so that ρ 1 is prime. Furthermore, ρ 1 ν 1 ν 2... ν s, so that ρ 1 ν j for some j; without loss of generality, say that ρ 1 ν 1. It follows that ρ 1, ν 1 are associates. On cancelling ρ 1 from both sides, one has a new example of non-unique factorisation, but with a smaller value of r + s, a contradiction. Hence factorisation is unique. It should be confessed here that the above is a rather convoluted approach simply for showing that Z has unique factorisation and there are a number of shortcuts available which work for Z. For example, Euclid s Algorithm (and reversing the steps of Euclid s Algorithm) gives the existence of hcf(m, n) and the fact that it can be written as λm + µn. Furthermore